Security update for bsh2 (important)

2016-03-09T12:12:28
ID SUSE-SU-2016:0700-1
Type suse
Reporter Suse
Modified 2016-03-09T12:12:28

Description

This update for bsh2 fixes the following issues:

  • CVE-2016-2510: An application that includes BeanShell on the classpath may be vulnerable if another part of the application uses Java serialization or XStream to deserialize data from an untrusted source.

Please see <a rel="nofollow" href="https://github.com/beanshell/beanshell/releases/tag/2.0b6">https://github.com/beanshell/beanshell/releases/tag/2.0b6</a> for more information.